↓Skip to main content

WORDPRESS

OFFSEC - Proving Grounds - NUKEM

20 July 2025·2005 words·10 mins

OFFSEC PG PRACTICE WORDPRESS DOSBOX

Access target via SSH or exploit WordPress with wpscan using simple-file-list vuln. Get http user, find commander creds in wp-config.php, use SUID dosbox for root.